﻿@model Orchard.OpenId.Models.AzureActiveDirectorySettingsPart

<h2>Azure Active Directory Settings</h2>
<fieldset>
    <label for="@Html.IdFor(m => m.Tenant)">@T("Tenant")</label>
    @Html.TextBoxFor(m => m.Tenant, new { @class = "text large" })
    <span class="hint">@T("Azure Active Directory tenant (e.g. yoursite.onmicrosoft.com).")</span>
</fieldset>
<fieldset>
    <label for="@Html.IdFor(m => m.ADInstance)">@T("Active Directory Instance")</label>
    @Html.TextBoxFor(m => m.ADInstance, new { @class = "text large" })
    <span class="hint">@T("Default instance is https://login.microsoftonline.com/{your-tenant-name}")</span>
</fieldset>
<fieldset>
    <label for="@Html.IdFor(m => m.ClientId)">@T("App ID")</label>
    @Html.TextBoxFor(m => m.ClientId, new { @class = "text large" })
</fieldset>
<fieldset>
    <label for="@Html.IdFor(m => m.AppName)">@T("App Name")</label>
    @Html.TextBoxFor(m => m.AppName, new { @class = "text large" })
    <span class="hint">@T("The application name you wish to give active directory login rights to.")</span>
</fieldset>
<fieldset>
    <label for="@Html.IdFor(m => m.LogoutRedirectUri)">@T("Logout Redirect")</label>
    @Html.TextBoxFor(m => m.LogoutRedirectUri, new { @class = "text large" })
    <span class="hint">@T("Redirect url after azure logout, default is http://localhost:30321/OrchardLocal/")</span>
</fieldset>
<fieldset>
    <label for="@Html.IdFor(m => m.ServiceResourceID)">@T("Service Resource ID")</label>
    @Html.TextAreaFor(m => m.ServiceResourceID, new { @class = "text large" })
    <span class="hint">
        @T(@"If you have a single 'Service Resource ID' just write it down directly.
             If you have multiple resources, enter each resource id on its own line, using key=value pairs.
             Example: service1=https://yoursite.onmicrosoft.com/some-guid-for-service1")
    </span>
</fieldset>
<fieldset>
    <label for="@Html.IdFor(m => m.AppKey)">@T("App Key")</label>
    @Html.TextBoxFor(m => m.AppKey, new { @class = "text large" })
</fieldset>
<fieldset>
    @Html.CheckBoxFor(m => m.BearerAuthEnabled)
    <label class="forcheckbox" for="@Html.IdFor(m => m.BearerAuthEnabled)">@T("Enable Bearer Token Authentication")</label>
</fieldset>
<fieldset>
    @Html.CheckBoxFor(m => m.SSLEnabled)
    <label class="forcheckbox" for="@Html.IdFor(m => m.SSLEnabled)">@T("Use SSL Protocol for valid audience")</label>
</fieldset>
<fieldset>
    @Html.CheckBoxFor(m => m.AzureWebSiteProtectionEnabled)
    <label class="forcheckbox" for="@Html.IdFor(m => m.AzureWebSiteProtectionEnabled)">@T("Enable Machine Key Data Protection for Azure Web Site")</label>
</fieldset>
<fieldset>
    @Html.CheckBoxFor(m => m.UseAzureGraphApi)
    <label class="forcheckbox" for="@Html.IdFor(m => m.UseAzureGraphApi)">@T("Enable Graph API")</label>
    <span class="hint">@T("Check this box to enable syncing Orchard Role membership to Azure Graph API Group Membership.  This module will not create new Orchard Roles for you, but it will sync up user membership of existing Orchard Roles with AD Group membership for Role names that match a group name")</span>
</fieldset>
<fieldset>
    <label for="@Html.IdFor(m => m.GraphApiUrl)">@T("Graph Api Url")</label>
    @Html.TextBoxFor(m => m.GraphApiUrl, new { @class = "text large" })
    <span class="hint">@T("Typically https://graph.windows.net")</span>

    <label for="@Html.IdFor(m => m.GraphApiKey)">@T("Graph Api Key")</label>
    @Html.TextBoxFor(m => m.GraphApiKey, new { @class = "text large" })
</fieldset>
<hr />